@cwebber is OpenSSL bad? possibly, but at least it doesn't become my responsibility to maintain it, which is placed on the distribution instead